What Are Three Access Control Security Services? (Choose Three.)
Cybersecurity Essentials 1.1 Quiz Answers 100%
All of the quiz answers are shared below. Go through each part to get the answers. I promise this will be helpful.
Practice Quiz
Chapter 1 Quiz
1. Pick three types of records that cybercriminals would be interested in stealing from organizations. (Choose three.)
Answer:
employment
2. What does the acronym IoE represent? -
Internet of Everything
3. What name is given to hackers who hack for a cause? -
hacktivist
4. What does the term vulnerability mean? -
a weakness that makes a target susceptible to an attack
5. What is an example of an Internet data domain? - LinkedIn
6. What does the term BYOD represent? -
bring your own device
7. What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence? -
Analyze
8. Thwarting cybercriminals includes which of the following? (Choose two.)
- sharing cyber intelligence information
- establishing early warning systems
9. What type of attack can disable a computer by forcing it to use memory or by overworking its CPU? -
algorithm
10. What name is given to an amateur hacker? -
script kiddie
11. What type of attack uses many systems to flood the resources of a target, thus making the target unavailable? -
DDoS
Chapter 2 Quiz
1. What are the two common hash functions? (Choose two.)
- SHA, MD5
2. What service determines which resources a user can access along with the operations that a user can perform? - authorization
3. What type of cybersecurity laws protect you from an organization that might want to share your sensitive data? - Privacy
4. What three design principles help to ensure high availability? (Choose three.)
-eliminate single points of failure, provide for a reliable crossover, detect failures as they occur
5. For the purpose of authentication, what three methods are used to verify identity? (Choose three.)
-something you know, something you have, something you are
6. What is a secure virtual network called that uses the public network?
- VPN
7. What mechanism can organizations use to prevent accidental changes by authorized users? - Version Control
8. What is a method of sending information from one device to another using removable media? - sneaker net
9. What are the three foundational principles of the cybersecurity domain? (Choose three.)
- integrity
- availability
- confidentiality
10. What are the three access control security services? (Choose three.)
- authorization
- accounting
- authentication
11. Which two methods help to ensure data integrity? (Choose two.)
- data consistency checks, hashing
12. What 3 tasks are accomplished by a comprehensive security policy? (Choose three.)
- defines legal consequences of violations
- gives security staff the backing of management
- sets rules for expected behavior
13. What two methods help to ensure system availability? (Choose two.)
- up-to-date operating systems
- equipment maintenance
14. What principle prevents the disclosure of data to unauthorized people, resources, and processes? - confidentiality
15. What are the three states of data? (Choose three.)
- at rest
- in-transit
- in-process
16. What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures? - modification
17. What is identified by the first dimension of the cybersecurity cube?
- goals
18. What name is given to a storage device connected to a network?
- NAS
19. What are the two methods that ensure confidentiality? (Choose two.)
- authentication
- encryption
20. What are the 3 types of sensitive data? (Choose three.)
- business
- classified
- PII
Chapter 3 Quiz
1. What is a vulnerability that allows criminals to inject scripts into web pages viewed by users? - Cross-site scripting
2. What type of attack targets an SQL database using the input field of a user? - SQL injection
3. Which two reasons describe why WEP is a weak protocol? (Choose two.)
- The key is static and repeats on a congested network.
- The key is transmitted in cleartext.
4. What is the difference between a virus and a worm?
- Worms self-replicate but viruses do not.
5. A criminal is using software to obtain information about the computer of a user. What is the name of this type of software? - spyware
6. What is the meaning of the term logic bomb?
-a malicious program that uses a trigger to awaken the malicious code
7. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? - phishing
8. What are two ways to protect a computer from malware? (Choose two.)
- Use antivirus software.
- Keep software up to date.
9. What occurs on a computer when data goes beyond the limits of a buffer? - a buffer overflow
10. What is the term used to describe an email that is targeting a specific person employed at a financial institution? - spear phishing
11. An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this? - bluesnarfing
12. What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)
- intimidation
- urgency
13. What are the two common indicators of spam mail? (Choose two.)
- The email has misspelled words or punctuation errors or both.
- The email has no subject line.
14. Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website? - smishing
15. A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this? - a type of ransomware
16. What is the name for the type of software that generates revenue by generating annoying pop-ups? - adware
17. What does a rootkit modify? - operating system
18. What is the name given to a program or program code that bypasses normal authentication? - backdoor
Chapter 4 Quiz
1. What is the name of the method in which letters are rearranged to create the ciphertext? - transposition
2. Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?
- AES
3. Which term describes the technology that protects software from unauthorized access or modification?
- watermarking
4. Which three devices represent examples of physical access controls? (Choose three.)
- swipe cards
- locks
- video cameras
5. What term is used to describe the technology that replaces sensitive information with a non-sensitive version? - masking
6. Which type of cipher is able to encrypt a fixed-length block of plaintext into a 128-bit block of ciphertext at any one time? - block
7. What encryption algorithm uses the same pre-shared key to encrypt and decrypt data? - symmetric
8. What type of cipher encrypts plaintext one byte or one bit at a time? - stream
9. What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?
- ECC
10. What is the term used to describe the science of making and breaking secret codes?
- cryptology
11. Which three processes are examples of logical access controls? (Choose three.)
- firewalls to monitor traffic
- intrusion detection system (IDS) to watch for suspicious network activity
- biometrics to validate physical characteristics
12. What term is used to describe concealing data in another file such as a graphic, sound, or other text files?
- steganography
13. What are three examples of administrative access controls? (Choose three.)
- hiring practices
- policies and procedures
- background checks
14. Which three protocols use asymmetric key algorithms? (Choose three.)
- Secure Shell (SSH)
- Pretty Good Privacy (PGP)
- Secure Sockets Layer (SSL)
15. A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?
- deterrent
16. Which two terms are used to describe cipher keys? (Choose two.)
- key space
- key length
17. Match the type of multifactor authentication with the description.
- a security key fob -> something you have
- a fingerprint scan -> something you are
- a password -> something you know
18. Match the description with the correct term. (Not all targets are used.)
- steganography -> hiding data within an audio file
- steganalysis -> discovering that hidden information exists within a graphic file
- social steganography -> creating a message that says one thing but means something else to a specific audience
- obfuscation -> making a message confusing so it is harder to understand
19. Which asymmetric algorithm provides an electronic key exchange method to share the secret key?
- Diffie-Hellman
20. What encryption algorithm uses one key to encrypt data and a different key to decrypt data?
- asymmetric
Chapter 5 Quiz
1. What is the strength of using a hashing function?
- It is a one-way function and not reversible.
2. A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several ways to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?
- secret key and message digest
3. Which method tries all possible passwords until a match is found?
- brute force
4. An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?
- The data in the image is an exact copy and nothing has been altered by the process.
5. What are the three types of attacks that are preventable through the use of salting? (Choose three.)
- lookup tables
- reverse lookup tables
- rainbow tables
6. A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?
- HMAC
7. A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?
- digital signature
8. What is the purpose of CSPRNG?
- to generate salt
9. A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?
- Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.
10. A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message really came from the person?
- digital signature
11. A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?
- poor input validation
12. What are the three validation criteria used for a validation rule? (Choose three.)
- range
- size
- format
13. A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger of proceeding with this transaction?
- The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear.
14. Identify three situations in which the hashing function can be applied. (Choose three.)
- PKI
- IPsec
- CHAP
15. What is the standard for a public key infrastructure to manage digital certificates?
- X.509
16. A user is evaluating the security infrastructure of a company and notices that some authentication systems are not using best practices when it comes to storing passwords. The user is able to crack passwords very fast and access sensitive data. The user wants to present a recommendation to the company on the proper implementation of salting to avoid password cracking techniques. What are the three best practices in implementing salting? (Choose three.)
- A salt should not be reused.
- A salt must be unique.
- A salt should be unique for each password.
17. A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?
- entity integrity
18. What are three NIST-approved digital signature algorithms? (Choose three.)
- ECDSA
- RSA
- DSA
19. Alice and Bob use the same password to login to the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?
- salting
20. What is the step by step process for creating a digital signature?
- Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document.
Chapter 6 Quiz
1. A user is purchasing a new server for the company data center. The user wants disk striping with parity on three disks. Which RAID level should the user implement?
- 5
2. A user is asked to create a disaster recovery plan for a company. The user needs to have a few questions answered by management to proceed. Which three questions should the user ask management as part of the process of creating the plan? (Choose three.)
- Where does the individual perform the process?
- Who is responsible for the process?
- What is the process?
3. A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure but wants to prevent Layer 2 looping. What would the user implement in the network?
- Spanning Tree Protocol
4. A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?
- post-incident
5. A team has been asked to create an incident response plan for security incidents. In what phase of an incident response plan does the team get management approval of the plan?
- preparation
6. A user is asked to perform a risk analysis of a company. The user asks for the company asset database that contains a list of all equipment. The user uses this information as part of a risk analysis. Which type of risk analysis could be performed?
- quantitative
7. A user is evaluating the network infrastructure of a company. The user noted many redundant systems and devices in place, but no overall evaluation of the network. In a report, the user emphasized the methods and configurations needed as a whole to make the network fault-tolerant. What is the type of design the user is stressing?
- resilient
8. A user has completed a six-month project to identify all data locations and catalog the location. The next step is to classify the data and produce some criteria on data sensitivity. Which two steps can the user take to classify the data? (Choose two.)
- Identify the sensitivity of the data.
- Establish the owner of the data.
9. A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)
- HSRP
- VRRP
- GLBP
10. A user is asked to evaluate the data center to improve availability for customers. The user notices that there is only one ISP connection, some of the equipment is out of warranty, there are no spare parts, and no one was monitoring the UPS which was tripped twice in one month. Which three deficiencies in high availability has the user identified? (Choose three.)
- single points of failure
- failure to detect errors as they occur
- failure to design for reliability
11. A company is concerned with traffic that flows through the network. There is a concern that there may be malware that exists that is not being blocked or eradicated by antivirus. What technology can be put in place to detect potential malware traffic on the network?
- IDS
12. A user is a consultant who is hired to prepare a report to Congress as to which industries should be required to maintain five-nines availability. Which three industries should the user include in a report? (Choose three.)
- public safety
- finance
- healthcare
13. A user is asked to evaluate the security posture of a company. The user looks at past attempts to break into the company and evaluates the threats and exposures to create a report. Which type of risk analysis could the user perform?
- qualitative
14. A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?
- RAID
15. A user was hired as the new security officer. One of the first projects was to take inventory of the company assets and create a comprehensive database. Which three pieces of information would the user want to capture in an asset database? (Choose three.)
- hardware network devices
- workstations
- operating systems
16. A user is redesigning a network for a small company and wants to ensure security at a reasonable cost. The user deploys a new application-aware firewall with intrusion detection capabilities on the Internet service provider connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
- layered
17. The CEO of a company is concerned that if a data breach should occur and customer data is exposed, the company could be sued. The CEO makes the decision to buy insurance for the company. What type of risk mitigation is the CEO implementing?
- transference
Chapter 7 Quiz
1. A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)
- Administrators can approve or deny patches.
- Updates can be forced on systems immediately.
- Updates cannot be circumvented
2. A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?
- computer firewall
3. Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?
- NOC
4. Why is WPA2 better than WPA?
- mandatory use of AES algorithms
5. A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?
- Type II
6. An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use?
- Secure Shell
7. Which service will resolve a specific web address into an IP address of the destination web server?
- DNS
8. Which three items are malware? (Choose three.)
- virus
- Trojan horse
- keylogger
9. The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.)
- at least two volumes
- TPM
10. A user makes a request to implement a patch management service for a company. As part of the requisition, the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)
- no opportunities for users to circumvent updates
- the ability to obtain reports on systems
- the ability to control when updates occur
11. The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)
- can provide a full system backup
- easier to deploy new computers within the organization
- ensures a clean imaged machine
12. A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?
- a baseline
13. What is the difference between an HIDS and a firewall?
- An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems.
14. What are the three types of power issues that a technician should be concerned about? (Choose three.)
- blackout
- brownout
- spike
15. A new PC is taken out of the box, started up, and connected to the Internet. Patches were downloaded and installed. The antivirus was updated. In order to further harden the operating system what can be done?
- Remove unnecessary programs and services.
16. The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?
- VPN
17. Why should WEP not be used in wireless networks today?
- easily crackable
18. A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?
- rogue access point
19. An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?
- secpol.msc
20. The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?
- audit
21. After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
- Enforce the principle of least privilege.
- Secure password storage.
- Reduce the number of privileged accounts.
Chapter 8 Quiz
1. An auditor is asked to assess the LAN of a company for potential threats. What are the three potential threats the auditor may point out? (Choose three.)
- a misconfigured firewall
- unauthorized port scanning and network probing
- unlocked access to network equipment
2. As part of the HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared data?
- GLBA
3. As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?
- laws governing the data
4. A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?
- vulnerability scanner
5. A consultant is hired to make recommendations on managing device threats in a company. What are the three general recommendations that can be made? (Choose three.)
- Disable administrative rights for users.
- Enable automatic antivirus scans.
- Enable screen lockout.
6. What three services does CERT provide? (Choose three.)
- develop tools, products, and methods to analyze vulnerabilities
- develop tools, products, and methods to conduct forensic examinations
- resolve software vulnerabilities
7. What are two items that can be found on the Internet Storm Center website? (Choose two.)
- InfoSec reports
- InfoSec job postings
8. What can be used to rate threats by an impact score to emphasize important vulnerabilities?
- NVD
9. A breach occurs in a company that processes credit card information. Which industry-specific law governs credit card data protection?
- PCI DSS
10. Why is Kali Linux a popular choice in testing the network security of an organization?
- It is an open-source Linux security distribution and contains over 300 tools.
11. A company is attempting to lower the cost of deploying commercial software and is considering a cloud-based service. Which cloud-based service would be best to host the software?
- SaaS
12. An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)
- Update devices with security fixes and patches.
- Test inbound and outbound traffic.
- Disable ping, probing, and port scanning.
13. A school administrator is concerned with the disclosure of student data due to a breach. Under which act is student information protected?
- FERPA
14. What are the three broad categories for information security positions? (Choose three.)
- definers
- monitors
- builders
15. What are two potential threats to applications? (Choose two.)
- data loss
- unauthorized access
16. If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?
- CFAA
17. A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage user threats. What three things might be put in place to manage the threats? (Choose three.)
- Disable CD and USB access.
- Provide security awareness training.
- Use content filtering.
18. What are three disclosure exemptions that pertain to the FOIA? (Choose three.)
- confidential business information
- national security and foreign policy information
- law enforcement records that implicate one of a set of enumerated concerns
19. Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)
- Establish policies and procedures for guests visiting the building.
- Conduct security awareness training regularly.
Final Quiz
1. A cybersecurity specialist is asked to identify the potential criminals known to attack the organization. Which type of hackers would the cybersecurity specialist be least concerned with?
- white hat hackers
2. Which statement best describes a motivation of hacktivists?
- They are part of a protest group behind a political cause.
3. What is an example of early warning systems that can be used to thwart cybercriminals?
- Honeynet project
4. Which technology should be used to enforce the security policy that a computing device must be checked against the latest antivirus update before the device is allowed to connect to the campus network?
- NAC
5. Which data state is maintained in NAS and SAN services?
- stored data
6. What are the three states of data during which data is vulnerable? (Choose three.)
- stored data
- data in-process
- data in-transit
7. Which technology can be used to ensure data confidentiality?
- encryption
8. A cybersecurity specialist is working with the IT staff to establish an effective data security plan. Which combination of security principles forms the foundation of a security program?
- confidentiality, integrity, and availability
9. What are the two most effective ways to defend against malware? (Choose two.)
- Update the operating system and other application software.
- Install and update antivirus software.
10. What is an impersonation attack that takes advantage of a trusted relationship between two systems?
- spoofing
11. Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network?
- worm
12. Which statement describes a distributed denial of service attack?
- An attacker builds a botnet comprised of zombies.
13. What type of application attack occurs when information goes beyond the memory areas allocated to the application?
- buffer overflow
14. What type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?
- sniffing
15. A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?
- Look for unauthorized accounts.
16. The IT department is tasked to implement a system that controls what a user can and cannot do on the corporate network. Which process should be implemented to meet the requirement?
- a set of attributes that describes user access rights
17. Smart cards and biometrics are considered to be what type of access control?
- logical
18. Which access control should the IT department use to restore a system back to its normal state?
- corrective
19. A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?
- 3DES
20. Alice and Bob use a pre-shared key to exchange a confidential message. If Bob wants to send a confidential message to Carol, what key should he use?
- a new pre-shared key
21. What happens as the key length increases in an encryption application?
- Keyspace increases exponentially
22. In which situation would a detective control be warranted?
- when the organization needs to look for prohibited activity
23. An organization has implemented antivirus software. What type of security control did the visitor implement?
- recovery control
24. You have been asked to describe data validation to the data entry clerks in accounts receivable. Which of the following are good examples of strings, integers, and decimals?
- female, 9866, $125.50
25. Which hashing technology requires keys to be exchanged?
- HMAC
26. Your organization will be handling market trades. You will be required to verify the identity of each customer who is executing a transaction. Which technology should be implemented to authenticate and verify customer electronic transactions?
- digital certificates
27. What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?
- digital certificate
28. Alice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?
- private key from Alice
29. What is a characteristic of a cryptographic hash function?
- The hash function is a one-way mathematical function.
30. A VPN will be used within the organization to give remote users secure access to the corporate network. What does IPsec use to authenticate the origin of every packet to provide data integrity checking?
- HMAC
31. Which hashing algorithm is recommended for the protection of sensitive, unclassified information?
- SHA-256
32. Your risk manager just distributed a chart that uses three colors to identify the level of threat to key assets in the information security systems. Red represents high level of risk, yellow represents average level of threat and green represents low level of threat. What type of risk analysis does this chart represent?
- qualitative analysis
33. What is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?
- asset standardization
34. Keeping data backups offsite is an example of which type of disaster recovery control?
- preventive
35. What are the two incident response phases? (Choose two.)
- detection and analysis
- containment and recovery
36. The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?
- quantitative analysis
37. What approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?
- layering
38. Being able to maintain availability during disruptive events describes which of the principles of high availability?
- system resiliency
39. There are many environments that require five nines, but a five nines environment may be cost prohibitive. What is one example of where the five nines environment might be cost prohibitive?
- the New York Stock Exchange
40. Which risk mitigation strategies include outsourcing services and purchasing insurance?
- transfer
41. Which utility uses the Internet Control Messaging Protocol (ICMP)?
- ping
42. Which technology can be used to protect VoIP against eavesdropping?
- encrypted voice messages
43. What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?
- Local Security Policy tool
44. In a comparison of biometric systems, what is the crossover error rate?
- rate of false negatives and rate of false positives
45. Which protocol would be used to provide security for employees that access systems remotely from home?
- SSH
46. Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)
- WPA
- WPA2
- 802.11i
47. Mutual authentication can prevent which type of attack?
- man-in-the-middle
48. Which website offers guidance on putting together a checklist to provide guidance on configuring and hardening operating systems?
- The National Vulnerability Database website
49. Which threat is mitigated through user awareness training and tying security awareness to performance reviews?
- user-related threats
50. HVAC, water system, and fire systems fall under which of the cybersecurity domains?
- physical facilities
Source: https://abcsps.blogspot.com/2020/07/cybersecurity-essentials-1.html
Posted by: mobleyleyer1935.blogspot.com